Re: HTTP based trojans

From: s.wun (s.wun@thales-is.com.hk)
Date: 11/06/02


From: "s.wun" <s.wun@thales-is.com.hk>
To: <AQBARROS@BKB.com.br>, <focus-ids@securityfocus.com>
Date: Wed, 6 Nov 2002 11:26:34 +0800

Hi,

What other open-source tool do you use to detect this attack?

Sam.
----- Original Message -----
From: <AQBARROS@BKB.com.br>
To: <focus-ids@securityfocus.com>
Sent: Thursday, October 31, 2002 8:46 PM
Subject: HTTP based trojans

> As I saw on the last messages about detecting trojans through flow-based
> analysis, I thought if someone already made anything to detect trojans
that
> use Internet Explorer controls to communicate with the client, even on
> networks that allow only proxied (even authenticated) http connections.
Did
> anyone try to do such kind of thing?
>
> Regards,
>
>
> Augusto.